SUNNYVALE, Calif. -- April 2, 2014 -- Fortinet, a global leader in high-performance network security, today announced its FortiSandbox-3000D is one of the top rated Breach Detection Systems (BDS), delivering 99 percent breach detection and zero false positives, based on real-world comparative analysis conducted by third party NSS Labs.

A Recommended rating from NSS Labs indicates that a product has performed well and deserves strong consideration. Only the top technical products earn a Recommended rating from NSS—regardless of market share, company size or brand recognition.

“Real-world third-party validation is an essential resource for enterprises considering security products to help cut through confusion caused by vendor marketing,” said Fortinet CEO Ken Xie. “NSS Labs’ testing continues to demonstrate Fortinet’s commitment to meet high industry standards for security detection, performance, reliability, management and value. In this case, Fortinet’s FortiGuard Labs expertise was integral in meeting and exceeding those high benchmarks, which are increasingly necessary to combat sophisticated cyber-threats and today’s stealthy Advanced Persistent Threats.”

Leveraging sophisticated research and test infrastructure that collects real threats and attack methods for concurrent delivery to the systems under test (SUT), NSS Labs utilized empirical data from its first ever Breach Detection Systems Group Test to produce a Security Value Map (SVM). The SVM measures the security effectiveness and value (cost per protected Mbps) of tested product configurations. Fortinet’s FortiSandbox-3000D is one of the top performing systems out of six network security vendors (see Figure 1).

(FIGURE 1)

NSS Labs: “Recommends” FortiSandbox

As a result of testing against five other vendors’ products, Fortinet’s FortiSandbox-3000D earned a “Recommended” rating based on real-world testing that evaluated detection rate, device stability and reliability, effective management, performance and total cost of ownership. This latest vendor roundup is the industry’s most comprehensive third-party test of Breach Detection Systems to date.

According to the NSS Labs’ benchmark results, Fortinet’s FortiSandbox-3000D passed 100 percent of the tests that gauged the reliability and stability of the device. In addition, NSS analysis found the FortiSandbox-3000D to have a 99 percent threat detection rate in a real-world testing environment that included more than 1,800 live exploits and malware samples. Both threat detection and reliability and stability scores were factored into a metric that led to a 99 percent rating in overall security effectiveness.

NSS Labs tests also confirmed the FortiSandbox-3000D as a high-performance BDS solution, with the majority of detections happening in three minutes or less. The FortiSandbox-3000D tied for the highest number of TCP connections per second at 225,000, and the appliance accurately delivered on stated throughput claims.

The “Recommended” rating speaks to the criticality of real-world third party testing and Fortinet’s commitment to meeting and exceeding high industry standards.

When FortiSandbox is used in conjunction with a FortiGate NGFW and FortiGuard, Fortinet’s Advanced Threat Protection (ATP) solution provides Access Control, Threat Prevention, Behavioral Analysis, Continuous and Monitoring to provide the best protection against targeted attacks.

“The Fortinet FortiSandbox-3000D was tested and rated by NSS at 1,000 Mbps, which is in line with the vendor’s claim (Fortinet rates this device at 1,000 Mbps). NSS rated throughput is calculated as an average of the “Real-World” Protocol Mixes (Enterprise Perimeter, Education), and the 21 KB HTTP response-based tests,” according to NSS Labs. “The Fortinet FortiSandbox-3000D detected 99% of HTTP malware, 98% of email malware, and 100% of exploits, giving an overall breach detection rating of 99.0%. The device passed all stability and reliability tests and detected 83% of evasions.”

About FortiSandbox-3000D

The FortiSandbox-3000D is a key component to help combat sophisticated malware and Advanced Persistent Threats (APTs) as part of a broader, integrated security framework.

The FortiSandbox consolidates specialized threat detection and intelligence services across protocols and functions into a single, high-performance and highly affordable appliance. At the core of the solution is a dual-level sandbox that effectively deals with the increasing sophistication of attacks that require more advanced inspection.

Key features include:

Proactive Antimalware

Real-time Cloud Query of Community Results

Code Emulation

Full Virtual Environment

Callback Detection

Actionable dashboards and reports

Optional Submission to FortiGuard

The FortiSandbox-3000D can be integrated with Fortinet’s FortiGate and FortiMail platforms for enhanced detection and threat mitigation or deployed on-premise on its own without changing any network configuration.

FortiSandbox Product Family

Further demonstrating the company’s commitment to the Breach Detection Systems space, in February this year, Fortinet announced the FortiSandbox-1000D, a unique dual-level sandbox that features proactive pre-filtering, dynamic threat intelligence and rich reporting for small to mid-sized enterprises. As with the FortiSandbox-3000D, the FortiSandbox-1000D offers a consolidated approach to covering all protocols and functions in one appliance with the ability to deploy stand-alone or as an integrated extension of FortiGate and FortiMail appliances.